A common desire among organizations with 500+ users who have started (or are seeking to start) an identity management project with tenfold is the ability to transfer user data from HR systems (such as SAP HCM) automatically to tenfold. Instead of having to painstakingly copy every item from the HR system when it is fed with new data or when existing data is modified, these organizations want the data transfer to happen automatically via an interface.
In the past, the only way to achieve this was through scripting (EXEC jobs). However, this approach is far from best practice. For this reason, tenfold has developed the out-of-the-box import plugin, which makes HR data imports easy as pie.
tenfold Import Plugin
With tenfold’s import plugin, you will have your HR interface for identity management up and running in no time – given the HR system is able to provide the required data for the import plugin to read out. It is the HR system provider or consultant who is responsible for provisioning this data regularly.
tenfold supports several technical means of data import: CSV file, database query via SQL or provisioning via script (e.g. for calling a REST service). The column and data formats can be configured individually and in great detail.
Import Plugin: Features
Create New Users
Once the plugin is installed, it can recognize when a new user is added to the import source and can import this user to tenfold automatically. To do this, it generates a request for creating the new user in tenfold. The plugin also recognizes changes to master data and can trigger the necessary change requests in tenfold.
Users who leave the company are either already marked in a certain way or tagged with a leaving date. This way, the plugin knows exactly when to generate a delete request for that user’s accounts and privileges.
Plugin Automates Manual Tasks
Requests generated by the plugin are handled in exactly the same way as they would be if generated manually. When a new person is added manually in tenfold, including all relevant data, the subsequent processes are the same as those triggered by the plugin. The plugin automatically assigns the appropriate privileges to the user and all the other plugins also behave according to how they were configured.
Optional Approval Workflow
If desired, you can add an approval workflow upstream of the generated request. This is especially handy during the go-live phase because it allows you to observe, over a certain period of time, whether the HR data is being transmitted correctly and whether the associated requests triggered in tenfold contain the data.